REMARKS 

Claim 2 has been amended to add the label "previously presented." Claims 1-4, 6-15, 17- 
26, and 28-39 remain pending. 

The Examiner rejected claims 1-37 under 35 U.S.C. § 103(a) as being anticipated by 
Crump et al. (U.S. 6,892,245) in view of Gelb (U.S. 5,550,984) further in view of Aysan et al. 
(U.S. 2003/0108041). The Examiner's rejections are respectfully traversed as follows. 

Claim 1 is directed towards a "method for performing network address translation on 
data." Claim 1 also recites "receiving a first data having a first source address and a first 
destination address, wherein the first data is sent by a first node in a first domain to a second 
node in a second domain, and wherein the first data is received into a first interface associated 
with the first domain and output from a second interface associated with the second domain, and 
wherein the first domain differs from the second domain." Claim 1 further requires "if the first 
source address is a private address and if a binding between the first source address, the first 
interface, and a first public address is found, translating the first source address into the first 
public address specified by the found binding prior to sending the first data to the second domain 
destination." That is, a private first source address is translated based on whether a binding 
between this private source address and the first interface (and a public address) is found. 

If a binding is not found between this private address and this first interface, a new 
binding is formed: "if the first source address is a private address and if a binding between th e 
first source address, the first interface , and a first public address is not found, translating the first 
source address into a selected public address and forming and storing a first binding between the 
first source address, the selected public address, and the first interface, wherein the translation is 
performed prior to sending the first data to the second domain destination." For example, if a 
binding is found for a same private address and a different interface than the received first data, 
this binding is not used for translation of the first data's source address and, instead, another 
selected public address is used for the translation and another binding is formed. Once a binding 
is formed for a private, source address of a particular host, this binding is used for all other data 
sent to and from this particular host regardless of the other host's domain. This mechanism will 
prevent the same translation being used for different nodes in different private domains that 
happen to have a same private address while efficiently utilizing a single global address for each 
local address and its interface. 

The remaining independent claims include mechanisms for performing the same 
operations as claim 1. 
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The Examiner admits that Crumb fails to teach or suggest such a mechanism for forming 
and utilizing a binding between a local address of a local host, public address and the local host's 
interface for data going to and from such local host, in the manner claimed. It is also respectfully 
submitted that the secondary references have the same deficiencies. The secondary reference 
Gelb is cited as disclosing forming a binding between private address, interface, and public 
address. However, the cited portions of Gelb merely refer generally to "software used to bind a 
network interface adapter (22) to the Internet or other private network. See Col. 5, Lines 28-30 
(Emphasis added). At most, this binding is between an interface and a single network, rather 
than between an interface and a private and public address. This binding software is described as 
providing an address that allows a public user to find and attach to the front end of the security 
system. Supra Lines 31-32. This cited passage fails to teach or suggest forming a binding 
between an interface, private address, and public address of a particular node, in the manner 
claimed. 

The secondary reference Aysan is used to teach performing translating an address based 
on a binding between an interface, private address, and public address of a particular node, in the 
manner claimed. Aysan appears to teach using interface addresses for routing purposes, rather 
than for performing translation of source or destination addresses. Aysan also fails to teach or 
suggest forming or using a binding between an interface, private address, and public address that 
are associated with a particular node, in the manner claimed. In the portions cited by the 
Examiner, Aysan starts by teaching a mapping between a private and public address (as defined 
in an ARP table) that are shared with routers in the a particular VPN, and various components of 
this VPN are described. See paragraph [0042]. Specifically, Aysan teaches a network interface 
310, that receives a packet from a particular source having a private address (see paragraph 
[0045]), then "proceeds to look up (step 806) the private destination address 714 (10.20.1.1) in a 
routing table to learn that the packet should be sent to the remove CVR tunnel interface 412, 
which ...has an address of 10.1.2.1." See paragraph [0046]. Aysan notes that the ARP table also 
associates the addresses of particular interfaces, such as BR tunnel interface 314A and local 
CVR tunnel interface 312. See paragraph [0048]. The received packet is encapsulated with the 
addresses of the routing interfaces. See paragraph [0049]. The source address (or any other 
address) of the packet is not translated based on binding between an interface, private address, 
and public address, in the manner claimed. Additionally, Aysan fails to teach forming such a 
binding, in the manner claimed. 

Accordingly, it is respectfully submitted that independent claims 1, 14, 25, and 36 are 
patentable over the cited references. 
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The Examiner's rejections of the dependent claims are also respectfully traversed. 
However, to expedite prosecution, all of these claims will not be argued separately. Claims 2-4, 
6-13, 15, 17-24, 26, 28-35, and 37 each depend directly or indirectly from independent claims 1, 
14, 25, or 36 and, therefore, are respectfully submitted to be patentable over cited art for at least 
the reasons set forth above with respect to claims 1, 14, 25, or 36. Further, the dependent claims 
require additional elements that when considered in context of the claimed inventions further 
patentably distinguish the invention from the cited art. 

For example, claim 2 specifies operations for handling a second data having a private, 
source address that is the same as the private, source address of the first data, but the second data 
is being sent to a third domain that differs from the first data's first domain. Claim 2 recites "the 
third domain differs from the first domain but the second source address is the same as the first 
source address" and "if the second source address is a private address and if a binding between 
the second source address, the third interface, and a second public address is not found, 
translating the second source address into a second public address and forming and storing a 
second binding between the second source address, the second public address, and the third 
interface, wherein the translation is performed prior to sending the second data from the fourth 
domain interface." If this binding between "the second source address, the third interface, and 
the second public address" is found, claim 2 recites that "translating the second source address 
into the second public address specified by the found binding prior to sending the second data to 
the third domain destination." If the destination address alternatively matches up with this 
already existing binding (data is being transmitted to the third node), the destination address is 
also translated based on this same binding: "if a second destination binding between the second 
destination address, a second private address, and the fourth interface is found, translating the 
second destination address into the second private address specified by the second destination 
binding, wherein the translation of the second destination address is performed prior to sending 
the second data out the fourth interface to the fourth node." New claims 38 and 39 provide 
mechanisms for performing such operations. Thus, any data going to and from the same private 
node is translated based on this same binding which matches up with the interface of the private 
node, even when the other nodes have different domains. Crump fails to teach or suggest a 
mechanism for forming and using such a binding for translation, in the manner claimed. 
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Applicant believes that all pending claims are allowable and respectfully requests a 
Notice of Allowance for this application from the Examiner. Should the Examiner believe that a 
telephone conference would expedite the prosecution of this application, the undersigned can be 
reached at the telephone number set out below. 

Respectfully submitted, 
BEYER WEAVER, LLP 



/Mary R. Olynick/ 
Mary R. Olynick 

Reg. 42,963 
P.O. Box 70250 
Oakland, CA 94612-0250 
(510) 663-1100 
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